Gitiles
Code Review Sign In
gerrit.cesnet.cz / CzechLight / velia / df6365b386faa298a66567eca307908a369ef088 / . / yang / ietf-packet-fields@2019-03-04.yang
blob: 2fb797bd87bf4ed825f83ec788df707b94c5f68b [file] [log] [blame]
Václav Kubernát637fe802021-01-22 02:43:18 +0100[diff] [blame]1module ietf-packet-fields {
2 yang-version 1.1;
3 namespace "urn:ietf:params:xml:ns:yang:ietf-packet-fields";
4 prefix packet-fields;
5
6 import ietf-inet-types {
7 prefix inet;
8 reference
9 "RFC 6991 - Common YANG Data Types.";
10 }
11
12 import ietf-yang-types {
13 prefix yang;
14 reference
15 "RFC 6991 - Common YANG Data Types.";
16 }
17
18 import ietf-ethertypes {
19 prefix eth;
20 reference
21 "RFC 8519 - YANG Data Model for Network Access Control
22 Lists (ACLs).";
23 }
24
25 organization
26 "IETF NETMOD (Network Modeling) Working Group.";
27
28 contact
29 "WG Web: <https://datatracker.ietf.org/wg/netmod/>
30 WG List: netmod@ietf.org
31
32 Editor: Mahesh Jethanandani
33 mjethanandani@gmail.com
34 Editor: Lisa Huang
35 huangyi_99@yahoo.com
36 Editor: Sonal Agarwal
37 sagarwal12@gmail.com
38 Editor: Dana Blair
39 dana@blairhome.com";
40
41 description
42 "This YANG module defines groupings that are used by
43 the ietf-access-control-list YANG module. Their usage
44 is not limited to ietf-access-control-list and can be
45 used anywhere as applicable.
46
47 Copyright (c) 2019 IETF Trust and the persons identified as
48 the document authors. All rights reserved.
49
50 Redistribution and use in source and binary forms, with or
51 without modification, is permitted pursuant to, and subject
52 to the license terms contained in, the Simplified BSD
53 License set forth in Section 4.c of the IETF Trust's Legal
54 Provisions Relating to IETF Documents
55 (http://trustee.ietf.org/license-info).
56
57 This version of this YANG module is part of RFC 8519; see
58 the RFC itself for full legal notices.";
59
60 revision 2019-03-04 {
61 description
62 "Initial version.";
63 reference
64 "RFC 8519: YANG Data Model for Network Access Control
65 Lists (ACLs).";
66 }
67
68 /*
69 * Typedefs
70 */
71 typedef operator {
72 type enumeration {
73 enum lte {
74 description
75 "Less than or equal to.";
76 }
77 enum gte {
78 description
79 "Greater than or equal to.";
80 }
81 enum eq {
82 description
83 "Equal to.";
84 }
85 enum neq {
86 description
87 "Not equal to.";
88 }
89 }
90 description
91 "The source and destination port range definitions
92 can be further qualified using an operator. An
93 operator is needed only if the lower-port is specified
94 and the upper-port is not specified. The operator
95 therefore further qualifies the lower-port only.";
96 }
97
98 /*
99 * Groupings
100 */
101 grouping port-range-or-operator {
102 choice port-range-or-operator {
103 case range {
104 leaf lower-port {
105 type inet:port-number;
106 must '. <= ../upper-port' {
107 error-message
108 "The lower-port must be less than or equal to
109 the upper-port.";
110 }
111 mandatory true;
112 description
113 "Lower boundary for a port.";
114 }
115 leaf upper-port {
116 type inet:port-number;
117 mandatory true;
118 description
119 "Upper boundary for a port.";
120 }
121 }
122 case operator {
123 leaf operator {
124 type operator;
125 default "eq";
126 description
127 "Operator to be applied on the port below.";
128 }
129 leaf port {
130 type inet:port-number;
131 mandatory true;
132 description
133 "Port number along with the operator on which to
134 match.";
135 }
136 }
137 description
138 "Choice of specifying a port range or a single
139 port along with an operator.";
140 }
141 description
142 "Grouping for port definitions in the form of a
143 choice statement.";
144 }
145
146 grouping acl-ip-header-fields {
147 description
148 "IP header fields common to IPv4 and IPv6";
149 reference
150 "RFC 791: Internet Protocol.";
151
152 leaf dscp {
153 type inet:dscp;
154 description
155 "Differentiated Services Code Point.";
156 reference
157 "RFC 2474: Definition of the Differentiated Services
158 Field (DS Field) in the IPv4 and IPv6
159 Headers.";
160 }
161
162 leaf ecn {
163 type uint8 {
164 range "0..3";
165 }
166 description
167 "Explicit Congestion Notification.";
168 reference
169 "RFC 3168: The Addition of Explicit Congestion
170 Notification (ECN) to IP.";
171 }
172
173 leaf length {
174 type uint16;
175 description
176 "In the IPv4 header field, this field is known as the Total
177 Length. Total Length is the length of the datagram, measured
178 in octets, including internet header and data.
179
180 In the IPv6 header field, this field is known as the Payload
181 Length, which is the length of the IPv6 payload, i.e., the rest
182 of the packet following the IPv6 header, in octets.";
183 reference
184 "RFC 791: Internet Protocol
185 RFC 8200: Internet Protocol, Version 6 (IPv6) Specification.";
186 }
187 leaf ttl {
188 type uint8;
189 description
190 "This field indicates the maximum time the datagram is allowed
191 to remain in the internet system. If this field contains the
192 value zero, then the datagram must be dropped.
193
194 In IPv6, this field is known as the Hop Limit.";
195 reference
196 "RFC 791: Internet Protocol
197 RFC 8200: Internet Protocol, Version 6 (IPv6) Specification.";
198 }
199 leaf protocol {
200 type uint8;
201 description
202 "Internet Protocol number. Refers to the protocol of the
203 payload. In IPv6, this field is known as 'next-header',
204 and if extension headers are present, the protocol is
205 present in the 'upper-layer' header.";
206 reference
207 "RFC 791: Internet Protocol
208 RFC 8200: Internet Protocol, Version 6 (IPv6) Specification.";
209 }
210 }
211
212 grouping acl-ipv4-header-fields {
213 description
214 "Fields in the IPv4 header.";
215 leaf ihl {
216 type uint8 {
217 range "5..60";
218 }
219 description
220 "In an IPv4 header field, the Internet Header Length (IHL) is
221 the length of the internet header in 32-bit words and
222 thus points to the beginning of the data. Note that the
223 minimum value for a correct header is 5.";
224 }
225 leaf flags {
226 type bits {
227 bit reserved {
228 position 0;
229 description
230 "Reserved. Must be zero.";
231 }
232 bit fragment {
233 position 1;
234 description
235 "Setting the value to 0 indicates may fragment, while
236 setting the value to 1 indicates do not fragment.";
237 }
238 bit more {
239 position 2;
240 description
241 "Setting the value to 0 indicates this is the last fragment,
242 and setting the value to 1 indicates more fragments are
243 coming.";
244 }
245 }
246 description
247 "Bit definitions for the Flags field in the IPv4 header.";
248 }
249 leaf offset {
250 type uint16 {
251 range "20..65535";
252 }
253 description
254 "The fragment offset is measured in units of 8 octets (64 bits).
255 The first fragment has offset zero. The length is 13 bits";
256 }
257 leaf identification {
258 type uint16;
259 description
260 "An identifying value assigned by the sender to aid in
261 assembling the fragments of a datagram.";
262 }
263
264 choice destination-network {
265 case destination-ipv4-network {
266 leaf destination-ipv4-network {
267 type inet:ipv4-prefix;
268 description
269 "Destination IPv4 address prefix.";
270 }
271 }
272 description
273 "Choice of specifying a destination IPv4 address or
274 referring to a group of IPv4 destination addresses.";
275 }
276
277 choice source-network {
278 case source-ipv4-network {
279 leaf source-ipv4-network {
280 type inet:ipv4-prefix;
281 description
282 "Source IPv4 address prefix.";
283 }
284 }
285 description
286 "Choice of specifying a source IPv4 address or
287 referring to a group of IPv4 source addresses.";
288 }
289 }
290
291 grouping acl-ipv6-header-fields {
292 description
293 "Fields in the IPv6 header.";
294
295 choice destination-network {
296 case destination-ipv6-network {
297 leaf destination-ipv6-network {
298 type inet:ipv6-prefix;
299 description
300 "Destination IPv6 address prefix.";
301 }
302 }
303 description
304 "Choice of specifying a destination IPv6 address
305 or referring to a group of IPv6 destination
306 addresses.";
307 }
308
309 choice source-network {
310 case source-ipv6-network {
311 leaf source-ipv6-network {
312 type inet:ipv6-prefix;
313 description
314 "Source IPv6 address prefix.";
315 }
316 }
317 description
318 "Choice of specifying a source IPv6 address or
319 referring to a group of IPv6 source addresses.";
320 }
321
322 leaf flow-label {
323 type inet:ipv6-flow-label;
324 description
325 "IPv6 Flow label.";
326 }
327 reference
328 "RFC 4291: IP Version 6 Addressing Architecture
329 RFC 4007: IPv6 Scoped Address Architecture
330 RFC 5952: A Recommendation for IPv6 Address Text
331 Representation.";
332 }
333
334 grouping acl-eth-header-fields {
335 description
336 "Fields in the Ethernet header.";
337 leaf destination-mac-address {
338 type yang:mac-address;
339 description
340 "Destination IEEE 802 Media Access Control (MAC)
341 address.";
342 }
343 leaf destination-mac-address-mask {
344 type yang:mac-address;
345 description
346 "Destination IEEE 802 MAC address mask.";
347 }
348 leaf source-mac-address {
349 type yang:mac-address;
350 description
351 "Source IEEE 802 MAC address.";
352 }
353 leaf source-mac-address-mask {
354 type yang:mac-address;
355 description
356 "Source IEEE 802 MAC address mask.";
357 }
358 leaf ethertype {
359 type eth:ethertype;
360 description
361 "The Ethernet Type (or Length) value represented
362 in the canonical order defined by IEEE 802.
363 The canonical representation uses lowercase
364 characters.";
365 reference
366 "IEEE 802-2014, Clause 9.2.";
367 }
368 reference
369 "IEEE 802: IEEE Standard for Local and Metropolitan
370 Area Networks: Overview and Architecture.";
371 }
372
373 grouping acl-tcp-header-fields {
374 description
375 "Collection of TCP header fields that can be used to
376 set up a match filter.";
377 leaf sequence-number {
378 type uint32;
379 description
380 "Sequence number that appears in the packet.";
381 }
382 leaf acknowledgement-number {
383 type uint32;
384 description
385 "The acknowledgement number that appears in the
386 packet.";
387 }
388 leaf data-offset {
389 type uint8 {
390 range "5..15";
391 }
392 description
393 "Specifies the size of the TCP header in 32-bit
394 words. The minimum size header is 5 words and
395 the maximum is 15 words; thus, this gives a
396 minimum size of 20 bytes and a maximum of 60
397 bytes, allowing for up to 40 bytes of options
398 in the header.";
399 }
400 leaf reserved {
401 type uint8;
402 description
403 "Reserved for future use.";
404 }
405 leaf flags {
406 type bits {
407 bit cwr {
408 position 1;
409 description
410 "The Congestion Window Reduced (CWR) flag is set
411 by the sending host to indicate that it received
412 a TCP segment with the ECN-Echo (ECE) flag set
413 and had responded in the congestion control
414 mechanism.";
415 reference
416 "RFC 3168: The Addition of Explicit Congestion
417 Notification (ECN) to IP.";
418 }
419 bit ece {
420 position 2;
421 description
422 "ECN-Echo has a dual role, depending on the value
423 of the SYN flag. It indicates the following: if
424 the SYN flag is set (1), the TCP peer is ECN
425 capable, and if the SYN flag is clear (0), a packet
426 with the Congestion Experienced flag set (ECN=11)
427 in the IP header was received during normal
428 transmission (added to the header by RFC 3168).
429 This serves as an indication of network congestion
430 (or impending congestion) to the TCP sender.";
431 reference
432 "RFC 3168: The Addition of Explicit Congestion
433 Notification (ECN) to IP.";
434 }
435 bit urg {
436 position 3;
437 description
438 "Indicates that the Urgent Pointer field is significant.";
439 }
440 bit ack {
441 position 4;
442 description
443 "Indicates that the Acknowledgement field is significant.
444 All packets after the initial SYN packet sent by the
445 client should have this flag set.";
446 }
447 bit psh {
448 position 5;
449 description
450 "Push function. Asks to push the buffered data to the
451 receiving application.";
452 }
453 bit rst {
454 position 6;
455 description
456 "Reset the connection.";
457 }
458 bit syn {
459 position 7;
460 description
461 "Synchronize sequence numbers. Only the first packet
462 sent from each end should have this flag set. Some
463 other flags and fields change meaning based on this
464 flag, and some are only valid for when it is set,
465 and others when it is clear.";
466 }
467 bit fin {
468 position 8;
469 description
470 "Last package from the sender.";
471 }
472 }
473 description
474 "Also known as Control Bits. Contains nine 1-bit flags.";
475 reference
476 "RFC 793: Transmission Control Protocol.";
477 }
478 leaf window-size {
479 type uint16;
480 units "bytes";
481 description
482 "The size of the receive window, which specifies
483 the number of window size units beyond the segment
484 identified by the sequence number in the Acknowledgement
485 field that the sender of this segment is currently
486 willing to receive.";
487 }
488 leaf urgent-pointer {
489 type uint16;
490 description
491 "This field is an offset from the sequence number
492 indicating the last urgent data byte.";
493 }
494 leaf options {
495 type binary {
496 length "1..40";
497 }
498 description
499 "The length of this field is determined by the
500 Data Offset field. Options have up to three
501 fields: Option-Kind (1 byte), Option-Length
502 (1 byte), and Option-Data (variable). The Option-Kind
503 field indicates the type of option and is the
504 only field that is not optional. Depending on
505 what kind of option we are dealing with,
506 the next two fields may be set: the Option-Length
507 field indicates the total length of the option,
508 and the Option-Data field contains the value of
509 the option, if applicable.";
510 }
511 }
512
513 grouping acl-udp-header-fields {
514 description
515 "Collection of UDP header fields that can be used
516 to set up a match filter.";
517 leaf length {
518 type uint16;
519 description
520 "A field that specifies the length in bytes of
521 the UDP header and UDP data. The minimum
522 length is 8 bytes because that is the length of
523 the header. The field size sets a theoretical
524 limit of 65,535 bytes (8-byte header plus 65,527
525 bytes of data) for a UDP datagram. However, the
526 actual limit for the data length, which is
527 imposed by the underlying IPv4 protocol, is
528 65,507 bytes (65,535 minus 8-byte UDP header
529 minus 20-byte IP header).
530
531 In IPv6 jumbograms, it is possible to have
532 UDP packets of a size greater than 65,535 bytes.
533 RFC 2675 specifies that the Length field is set
534 to zero if the length of the UDP header plus
535 UDP data is greater than 65,535.";
536 }
537 }
538
539 grouping acl-icmp-header-fields {
540 description
541 "Collection of ICMP header fields that can be
542 used to set up a match filter.";
543 leaf type {
544 type uint8;
545 description
546 "Also known as control messages.";
547 reference
548 "RFC 792: Internet Control Message Protocol
549 RFC 4443: Internet Control Message Protocol (ICMPv6)
550 for Internet Protocol Version 6 (IPv6)
551 Specification.";
552 }
553 leaf code {
554 type uint8;
555 description
556 "ICMP subtype. Also known as control messages.";
557 reference
558 "RFC 792: Internet Control Message Protocol
559 RFC 4443: Internet Control Message Protocol (ICMPv6)
560 for Internet Protocol Version 6 (IPv6)
561 Specification.";
562 }
563 leaf rest-of-header {
564 type binary;
565 description
566 "Unbounded in length, the contents vary based on the
567 ICMP type and code. Also referred to as 'Message Body'
568 in ICMPv6.";
569 reference
570 "RFC 792: Internet Control Message Protocol
571 RFC 4443: Internet Control Message Protocol (ICMPv6)
572 for Internet Protocol Version 6 (IPv6)
573 Specification.";
574 }
575 }
576}